Pages

Thursday, 18 June 2015

Researchers Have Malware In Apple App Stores

Researchers at Indiana University have succeeded in malware for Mac OS X and iOS to get into the App Store from Apple that allows access to sensitive data from other apps can be obtained. Examples include passwords to iCloud, your default e-mail program and Internet banking and the secret token for the note program Evernote.

It also showed that the design of the app sandbox on Mac OS X was vulnerable, so the malware could approach the private directory apps. The malware could thus have access to notes, and contacts that were stored in Evernote, as well as photos of WeChat. The researchers published their work in late May in a report ( PDF ) called "Unauthorized Cross-App Resource Access on Mac OS X and iOS." To prevent apps access to each other's information systems get fit "app isolation" to which each app is in its own sandbox.

It appears that in some cases for apps still be possible to access the "resources" of other apps, which the researchers call "unauthorized cross-app resource access" (XARA). It was known that this problem played in Android, but the researchers wanted to know whether Mac OS X and iOS are vulnerable. Two platforms, which are believed to be safer than Android, so the researchers in the report know. They discovered that the problem also affects the Apple operating system. Thus, the mechanism can be hijacked that controls access to the Keychain, so it is then possible to gain access to passwords and other credentials of apps and websites that are stored here.

Impact

"The consequences of these attacks are serious, including the leak of passwords, secret tokens and all kinds of sensitive documents. Our research shows that the problem is caused by a lack of authentication at app-to-app and app-to-system interactions "the researchers said in their conclusion. They developed a scanner to analyze binaries for OS X and iOS apps to determine if the proper protection measure is contained in their code or not.

More than 88.6% of the 1612 popular Mac apps and 200 iOS apps were completely vulnerable to a XARA attack, which could steal a malicious app security information. Apple would be informed by the researchers in October 2014 and then asked to wait with the publication of the report, but the investigators would have since heard nothing more, reports The Register . The problem in Mac OS X 10.10.3 and 10.10.4 still present.